Script Partial Encoding / Domain locking ?

Danny · 05-05-2007, 07:59 PM

Right now ClipShare comes with 100% unencoded source code, so a protection system can't be integrated since it can be easily removed.

But as you probably are aware of, this makes ClipShare an easy target for warez scums, so the script will endup being distributed for free on many warez websites, or even sold with slight modifications by several people without ethics on ebay etc.

What do you think about encoding one core file of the script (that the script will not work without), and locking the script to your domain. A core functional file that will not affect any customizations that you wish to perform on the script.

I belieive this would be in both OUR interest and YOUR interest.
I don't think you like paying $200 for a script and then seeing it on 2000 websites that use it illegal and without paying.
Piracy creates a bigger competition for you. Instead of 1000 sites using the script, both being genuine customers, there will be 5000 sites, 4000 illegal. That means 5 times more competition for you, and even unfair one since they never paid for it like you.

Let me know what you think.

Netmaster · 05-05-2007, 08:19 PM

I totally understand your concerns, they are well founded and your arguments are very convincing...

On the other side, this could make things more complicated for us. Actually i have no idea what kind of the system you are considering. So its hard to say.

The only thing i would like to say about that, is: i am against any kind or DRM. This is not the answer for any kind of threat. Would you give better padding to a kid who gets beat up in school? No. you will do something against the bullies. But here, the bullies are out of reach (or it could be very expensive).

So unless you explain a bit more in details what you are considering and make sure it wont ever cause us problems (like if i need to change my web hosting/domain name and it takes 3-5 days to have a newly encoded file, or if for any reason you cant continue your work)
I am saying that because right now, i have been waiting for almost 2 weeks for an answer to my support ticket. Would that takes 2 week to have a properly encoded file?

This is not an easy decision, its in fact the biggest challenge of the internet right now for any kind of digital content. If Big corporations dont find the solution, why would we?

An at last, any kind of encryption/protection WILL be hacked eventually.

Thats it.. sorry if my english is not perfect...

Danny · 05-05-2007, 08:38 PM

One single fain, that will contain only core functions that you will never need to modify, ZEND ENCODED (nobody decompiled that yet), locked to your domain name. Not using call-homes to us, not locking on the IP in case you change hosting. Only domain name, considering that your license gives you the right to use the script on one domain only. You will have to contact us only if you want to transfer your license to another domain.

likio · 05-05-2007, 08:38 PM

i think its a very good idea to develop a encoded core

Nachen · 05-05-2007, 09:23 PM

Well, my suggestion to you is that you go for a encoded installation-part where a needed serial-key need to be filled in.

But seriously, I don't want you to encode it all since then it loose all this customizion ability.

And one more thing, Those who want to hack your site and spread the code will do it anyway. There is no such thing as 100% hacker-proof.

Go for a installationpart that need serial-key. Not very safe but it will remove the simple mass of script kiddies.

But don't encode it all!

t.check · 05-05-2007, 09:28 PM

Nachen, I think he just wants to lock the core files, that will never need encoding.

DANNY, THANK GOD YOU THOUGHT OF THIS!

I think it is the absolute BEST idea in the WORLD for a script like this!
Also, if you come out with something like this, will we lose our previous work?

Nachen · 05-06-2007, 12:51 AM

The more I think about it.. No, Danny - please don't encode any files or start using callback-functions. One of the main reasons choosing ClipShare was because of the open-source. So you can make it fully customized and don't have to be depended by anyone. Totally independenced site.

The only thing that I can come up with to lower the warez-spreading is that everyone who order will be given a unique serial-key for the installationpart (sure this will need a callback function) and this key can only be used one time, after that you will need to create a new one and the previous won't work even if you used it or not.

This would not prevent the warez-spread but it will prevent it to the mass since then the one who leaked out will have to create a new serialkey. The could be a timegap of 1 hour and only 1 serialkey/day.

Just a tip.

Danny · 05-06-2007, 03:55 AM

As you can read above, I said that ONLY ONE FILE WILL BE ENCODED, NOT ALL. ONE FILE THAT WILL NOT AFFECT ANY CUSTOMIZATION AT ALL.

There are 100% Hacker-Proof solutions. Nobody decompiled Zend yet.

Quote:

Originally Posted by Nachen

Well, my suggestion to you is that you go for a encoded installation-part where a needed serial-key need to be filled in.

But seriously, I don't want you to encode it all since then it loose all this customizion ability.

And one more thing, Those who want to hack your site and spread the code will do it anyway. There is no such thing as 100% hacker-proof.

Go for a installationpart that need serial-key. Not very safe but it will remove the simple mass of script kiddies.

But don't encode it all!

Danny · 05-06-2007, 03:57 AM

How many times should I repeat ? It will not be completely encoded, and it will not use callback-functions or anything like that.

Quote:

Originally Posted by Nachen

The more I think about it.. No, Danny - please don't encode any files or start using callback-functions. One of the main reasons choosing ClipShare was because of the open-source. So you can make it fully customized and don't have to be depended by anyone. Totally independenced site.

The only thing that I can come up with to lower the warez-spreading is that everyone who order will be given a unique serial-key for the installationpart (sure this will need a callback function) and this key can only be used one time, after that you will need to create a new one and the previous won't work even if you used it or not.

This would not prevent the warez-spread but it will prevent it to the mass since then the one who leaked out will have to create a new serialkey. The could be a timegap of 1 hour and only 1 serialkey/day.

Just a tip.

ltsc · 05-06-2007, 05:19 AM

1. People that want to distribute will find a means to decode and distribute anyway, resulting in no benefit but potential pitfalls.

2. When I develop sites and services, I tend to develop locally on a different domain than the target domain. How would I be able to do that with a domain-locked encoded file necessary for the service to run? Buy 2 licenses?

3. What would keep someone from simply commenting out any function calls to the encoded portion/file (partially or entirely)? If the encoded stuff truly have no affect on customization or development which open source allows, then they would be easily commented out and the issue is moot. if they can't be commented out, then clearly parts of the service would be dependent on the encoded parts, making it more difficult to customize.

4. Use the vBulliten model - charge for support, not the code, and establish proper licenses. The scripts may show up on warez but more often than not the people who would steal it would never have had an intention to buy it anyway, and it won't affect a business model centered on customer support (which can't be "stolen"). This would allow you to improve your customer support side of the business, further enhancing your business goals.

5. Use proper channels to copyright the portions of code you actually own. Clearly the original codebase was a mish-mosh of multiple scripts which somehow the persons involved in pooling them together didn't establish proper protections or licenses. Those parts effectively became part of the public domain. However, the parts you engineered are able to be copyright by you and registered in the Library of Congress, and recognized internationally.

6. You have the option to revamp ALL the code to be more improved and establish the code fully 100% owned by you. Doing so would also make it very difficult for your code to be repurposed/resold by dishonest sellers, exposing them to legal issues.

View Poll Results: Partially Encode and Domain Lock ClipShare ?
YES, we don't want warez unfair competition	11	11.11%
YES, as long as it doesn't affect full customization	20	20.20%
NO, we need 100% source code	68	68.69%
Voters: 99. You may not vote on this poll

05-05-2007, 07:59 PM	#1
Danny ClipShare Staff \|Forum Guru\| Join Date: Nov 2006 Posts: 1,638	Script Partial Encoding / Domain locking ? Right now ClipShare comes with 100% unencoded source code, so a protection system can't be integrated since it can be easily removed. But as you probably are aware of, this makes ClipShare an easy target for warez scums, so the script will endup being distributed for free on many warez websites, or even sold with slight modifications by several people without ethics on ebay etc. What do you think about encoding one core file of the script (that the script will not work without), and locking the script to your domain. A core functional file that will not affect any customizations that you wish to perform on the script. I belieive this would be in both OUR interest and YOUR interest. I don't think you like paying $200 for a script and then seeing it on 2000 websites that use it illegal and without paying. Piracy creates a bigger competition for you. Instead of 1000 sites using the script, both being genuine customers, there will be 5000 sites, 4000 illegal. That means 5 times more competition for you, and even unfair one since they never paid for it like you. Let me know what you think. __________________ Best regards, Danny B. - Founder - ClipShare \| MediaShare \| AVS (Adult Video Script) \| Clone Script Directory \| Screept

05-05-2007, 08:38 PM	#3
Danny ClipShare Staff \|Forum Guru\| Join Date: Nov 2006 Posts: 1,638	One single fain, that will contain only core functions that you will never need to modify, ZEND ENCODED (nobody decompiled that yet), locked to your domain name. Not using call-homes to us, not locking on the IP in case you change hosting. Only domain name, considering that your license gives you the right to use the script on one domain only. You will have to contact us only if you want to transfer your license to another domain. __________________ Best regards, Danny B. - Founder - ClipShare \| MediaShare \| AVS (Adult Video Script) \| Clone Script Directory \| Screept

05-05-2007, 09:28 PM	#6
t.check Forum Advisor \|Forum Guru\| Join Date: Feb 2007 Location: Frozen Yogurt Land (aka California) Posts: 1,180	Nachen, I think he just wants to lock the core files, that will never need encoding. DANNY, THANK GOD YOU THOUGHT OF THIS! I think it is the absolute BEST idea in the WORLD for a script like this! Also, if you come out with something like this, will we lose our previous work? __________________ Current Special: Quadruple bandwidth on all plans for life! Just sign up and send a ticket into support mentioning this ticket and we'll upgrade you for free! Expires on Halloween! Interested in high-quality, non-oversold web hosting? Click here and give Kiveta a try.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

05-05-2007, 08:19 PM	#2
Netmaster Member \|Forum Regular\| Join Date: Mar 2007 Posts: 174	I totally understand your concerns, they are well founded and your arguments are very convincing... On the other side, this could make things more complicated for us. Actually i have no idea what kind of the system you are considering. So its hard to say. The only thing i would like to say about that, is: i am against any kind or DRM. This is not the answer for any kind of threat. Would you give better padding to a kid who gets beat up in school? No. you will do something against the bullies. But here, the bullies are out of reach (or it could be very expensive). So unless you explain a bit more in details what you are considering and make sure it wont ever cause us problems (like if i need to change my web hosting/domain name and it takes 3-5 days to have a newly encoded file, or if for any reason you cant continue your work) I am saying that because right now, i have been waiting for almost 2 weeks for an answer to my support ticket. Would that takes 2 week to have a properly encoded file? This is not an easy decision, its in fact the biggest challenge of the internet right now for any kind of digital content. If Big corporations dont find the solution, why would we? An at last, any kind of encryption/protection WILL be hacked eventually. Thats it.. sorry if my english is not perfect...

05-05-2007, 08:38 PM	#4
likio Member \|Forum Junior\| Join Date: Feb 2007 Location: Germany Posts: 99	i think its a very good idea to develop a encoded core

05-05-2007, 09:23 PM	#5
Nachen Member \|Forum Regular\| Join Date: Apr 2007 Location: Sweden Posts: 143	Well, my suggestion to you is that you go for a encoded installation-part where a needed serial-key need to be filled in. But seriously, I don't want you to encode it all since then it loose all this customizion ability. And one more thing, Those who want to hack your site and spread the code will do it anyway. There is no such thing as 100% hacker-proof. Go for a installationpart that need serial-key. Not very safe but it will remove the simple mass of script kiddies. But don't encode it all!

05-06-2007, 12:51 AM	#7
Nachen Member \|Forum Regular\| Join Date: Apr 2007 Location: Sweden Posts: 143	The more I think about it.. No, Danny - please don't encode any files or start using callback-functions. One of the main reasons choosing ClipShare was because of the open-source. So you can make it fully customized and don't have to be depended by anyone. Totally independenced site. The only thing that I can come up with to lower the warez-spreading is that everyone who order will be given a unique serial-key for the installationpart (sure this will need a callback function) and this key can only be used one time, after that you will need to create a new one and the previous won't work even if you used it or not. This would not prevent the warez-spread but it will prevent it to the mass since then the one who leaked out will have to create a new serialkey. The could be a timegap of 1 hour and only 1 serialkey/day. Just a tip.

05-06-2007, 05:19 AM	#10
ltsc Member \|Forum Junior\| Join Date: May 2007 Posts: 76	1. People that want to distribute will find a means to decode and distribute anyway, resulting in no benefit but potential pitfalls. 2. When I develop sites and services, I tend to develop locally on a different domain than the target domain. How would I be able to do that with a domain-locked encoded file necessary for the service to run? Buy 2 licenses? 3. What would keep someone from simply commenting out any function calls to the encoded portion/file (partially or entirely)? If the encoded stuff truly have no affect on customization or development which open source allows, then they would be easily commented out and the issue is moot. if they can't be commented out, then clearly parts of the service would be dependent on the encoded parts, making it more difficult to customize. 4. Use the vBulliten model - charge for support, not the code, and establish proper licenses. The scripts may show up on warez but more often than not the people who would steal it would never have had an intention to buy it anyway, and it won't affect a business model centered on customer support (which can't be "stolen"). This would allow you to improve your customer support side of the business, further enhancing your business goals. 5. Use proper channels to copyright the portions of code you actually own. Clearly the original codebase was a mish-mosh of multiple scripts which somehow the persons involved in pooling them together didn't establish proper protections or licenses. Those parts effectively became part of the public domain. However, the parts you engineered are able to be copyright by you and registered in the Library of Congress, and recognized internationally. 6. You have the option to revamp ALL the code to be more improved and establish the code fully 100% owned by you. Doing so would also make it very difficult for your code to be repurposed/resold by dishonest sellers, exposing them to legal issues.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Multiple Domain License	kevin	Pre-Sales Questions	2	03-31-2007 08:45 PM